class SecurityFilters {
   
    def filters = {
        // Ensure that all controllers and actions require an authenticated user,
        // except for the "public" controller
        auth(controller: "*", action: "*") {
            before = {
                // Exclude the "public" controller.
                if (controllerName == "public") return true

                // This just means that the user must be authenticated. He does
                // not need any particular role or permission.
                accessControl { true }
            }
        }

        // Creating, modifying, or deleting a User requires the "Administrator"
        // role.
        userEditing(controller: "user", action: "(create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }

        // Showing a book requires the "Administrator" *or* the "User" roles.
        userShow(controller: "user", action: "(list|show)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
        // Creating, modifying, or deleting a Role requires the "Administrator"
        // role.
        roleEditing(controller: "role", action: "(list|show|create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }
        

        griaFileActions(controller: "griaFile", action: "(list|show|create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
        griaJobActions(controller: "griaJob", action: "(list|show|create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
       fileTypeAdminActions(controller: "fileType", action: "(create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }
        
       fileTypeUserActions(controller: "fileType", action: "(list|show)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
       appArgAdminActions(controller: "applicationArgument", action: "(create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }
        
       appArgUserActions(controller: "applicationArgument", action: "(list|show)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
       appAdminActions(controller: "griaApplication", action: "(create|edit|save|update|delete)") {
            before = {
                accessControl {
                    role("Administrator")
                }
            }
        }
        
       appUserActions(controller: "griaApplication", action: "(list|show)") {
            before = {
                accessControl {
                    role("Administrator") || role("User")
                }
            }
        }
        
    }
}